From owner-freebsd-security Fri Feb 21 12:49:36 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id MAA21787 for security-outgoing; Fri, 21 Feb 1997 12:49:36 -0800 (PST) Received: from narcissus.ml.org (root@brosenga.Pitzer.edu [134.173.120.201]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA21779 for ; Fri, 21 Feb 1997 12:49:34 -0800 (PST) Received: (from ben@localhost) by narcissus.ml.org (8.7.5/8.7.3) id MAA02492; Fri, 21 Feb 1997 12:49:17 -0800 (PST) Date: Fri, 21 Feb 1997 12:49:17 -0800 (PST) From: Snob Art Genre To: gnat@frii.com cc: freebsd-security@FreeBSD.ORG Subject: Re: 2.1.7 requires a rebuild of /usr/local binaries? In-Reply-To: <199702211734.KAA03840@elara.frii.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Fri, 21 Feb 1997 gnat@frii.com wrote: > I've just installed 2.1.7 (upgrading from 2.1.5) on my own machine, > prior to upgrading all our servers. The advisory re: the setlocale > bug said to rebuild all statically linked binaries and probably all > dynamically linked ones too. > > Going to the 2.1.7-RELEASE/packages directory, however, I see it's > just a link to the 2.1.6 packages directory. Does this mean that I > don't have to rebuild all my binaries after all? It probably means that the packages were rebuilt as soon as the fix became available. You should still rebuild if you can, because your binaries are linked against libraries which contain the security hole that prompted the release of 2.1.7. > Nat > Ben "You have your mind on computers, it seems."